diff --git a/README.md b/README.md index 73fab6f7..1b182b7c 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ *NOTE: The code before version 1.x is considered beta quality and is subject to breaking changes.* `DNS-collector` acts as a passive high speed **aggregator, analyzer, transporter and logging** for your DNS messages, written in **Golang**. The DNS traffic can be collected and aggregated from simultaneously sources like DNStap streams, network interface or log files -and redirect them to several destinations with some transformation (filtering, sampling, privacy, ...). +and redirect them to several destinations with some transformations on it (filtering, sampling, privacy, ...). DNS-collector also contains DNS parser with [`EDNS`](doc/dnsparser.md) support. ![overview](doc/overview.png) diff --git a/collectors/dns_processor.go b/collectors/dns_processor.go index 4efe1703..cc1f0f04 100644 --- a/collectors/dns_processor.go +++ b/collectors/dns_processor.go @@ -83,7 +83,7 @@ func (d *DnsProcessor) Run(sendTo []chan dnsutils.DnsMessage) { d.LogInfo("dns cached enabled: %t", d.cacheSupport) // prepare enabled transformers - subprocessors := transformers.NewTransforms(d.config, d.logger, d.name) + subprocessors := transformers.NewTransforms(&d.config.IngoingTransformers, d.logger, d.name) // read incoming dns message d.LogInfo("running... waiting incoming dns message") diff --git a/collectors/dnstap_processor.go b/collectors/dnstap_processor.go index 84e6eb10..60f9e4ad 100644 --- a/collectors/dnstap_processor.go +++ b/collectors/dnstap_processor.go @@ -129,7 +129,7 @@ func (d *DnstapProcessor) Run(sendTo []chan dnsutils.DnsMessage) { d.LogInfo("dns cached enabled: %t", d.config.Collectors.Dnstap.CacheSupport) // prepare enabled transformers - subprocessors := transformers.NewTransforms(d.config, d.logger, d.name) + subprocessors := transformers.NewTransforms(&d.config.IngoingTransformers, d.logger, d.name) // read incoming dns message d.LogInfo("running... waiting incoming dns message") diff --git a/collectors/powerdns_processor.go b/collectors/powerdns_processor.go index 867937ad..91d43a87 100644 --- a/collectors/powerdns_processor.go +++ b/collectors/powerdns_processor.go @@ -74,7 +74,7 @@ func (d *PdnsProcessor) Run(sendTo []chan dnsutils.DnsMessage) { pbdm := &powerdns_protobuf.PBDNSMessage{} // prepare enabled transformers - subprocessors := transformers.NewTransforms(d.config, d.logger, d.name) + subprocessors := transformers.NewTransforms(&d.config.IngoingTransformers, d.logger, d.name) // read incoming dns message d.LogInfo("running... waiting incoming dns message") diff --git a/collectors/tail.go b/collectors/tail.go index 2d81757e..0879c9e2 100644 --- a/collectors/tail.go +++ b/collectors/tail.go @@ -98,7 +98,7 @@ func (c *Tail) Run() { } // prepare enabled transformers - subprocessors := transformers.NewTransforms(c.config, c.logger, c.name) + subprocessors := transformers.NewTransforms(&c.config.IngoingTransformers, c.logger, c.name) // init dns message dm := dnsutils.DnsMessage{} diff --git a/config.yml b/config.yml index f7885fb2..1f4a3621 100644 --- a/config.yml +++ b/config.yml @@ -77,6 +77,9 @@ multiplexer: - name: console stdout: mode: text + transforms: + normalize: + qname-lowercase: true routes: - from: [ tap ] @@ -408,8 +411,7 @@ multiplexer: ################################################ -# list of transformers -# transforms: +# list of transforms to apply on collectors or loggers ################################################ # # Use this option to protect user privacy diff --git a/dnscollector.go b/dnscollector.go index 254180ce..dbb64200 100644 --- a/dnscollector.go +++ b/dnscollector.go @@ -68,6 +68,7 @@ func main() { // load config cfg := make(map[string]interface{}) cfg["loggers"] = output.Params + cfg["outgoing-transformers"] = make(map[string]interface{}) for _, p := range output.Params { p.(map[string]interface{})["enable"] = true } @@ -76,6 +77,12 @@ func main() { subcfg := &dnsutils.Config{} subcfg.SetDefault() + // add transformer + for k, v := range output.Transforms { + v.(map[string]interface{})["enable"] = true + cfg["outgoing-transformers"].(map[string]interface{})[k] = v + } + // copy global config subcfg.Global = config.Global @@ -132,7 +139,7 @@ func main() { // load config cfg := make(map[string]interface{}) cfg["collectors"] = input.Params - cfg["transformers"] = make(map[string]interface{}) + cfg["ingoing-transformers"] = make(map[string]interface{}) for _, p := range input.Params { p.(map[string]interface{})["enable"] = true } @@ -144,7 +151,7 @@ func main() { // add transformer for k, v := range input.Transforms { v.(map[string]interface{})["enable"] = true - cfg["transformers"].(map[string]interface{})[k] = v + cfg["ingoing-transformers"].(map[string]interface{})[k] = v } // copy global config @@ -172,6 +179,7 @@ func main() { } } + // here the multiplexer logic // connect collectors between loggers for _, routes := range config.Multiplexer.Routes { var logwrks []dnsutils.Worker diff --git a/dnsutils/config.go b/dnsutils/config.go index ddb3d185..7a14f8ad 100644 --- a/dnsutils/config.go +++ b/dnsutils/config.go @@ -28,12 +28,6 @@ func IsValidTLS(mode string) bool { return false } -type MultiplexTransformers struct { - Name string `yaml:"naame"` - Transforms map[string]interface{} `yaml:",inline"` - Params map[string]interface{} `yaml:",inline"` -} - type MultiplexInOut struct { Name string `yaml:"name"` Transforms map[string]interface{} `yaml:"transforms"` @@ -45,6 +39,81 @@ type MultiplexRoutes struct { Dst []string `yaml:"to,flow"` } +type ConfigTransformers struct { + UserPrivacy struct { + Enable bool `yaml:"enable"` + AnonymizeIP bool `yaml:"anonymize-ip"` + MinimazeQname bool `yaml:"minimaze-qname"` + } `yaml:"user-privacy"` + Normalize struct { + Enable bool `yaml:"enable"` + QnameLowerCase bool `yaml:"qname-lowercase"` + } `yaml:"normalize"` + Filtering struct { + Enable bool `yaml:"enable"` + DropFqdnFile string `yaml:"drop-fqdn-file"` + DropDomainFile string `yaml:"drop-domain-file"` + KeepFqdnFile string `yaml:"keep-fqdn-file"` + KeepDomainFile string `yaml:"keep-domain-file"` + DropQueryIpFile string `yaml:"drop-queryip-file"` + KeepQueryIpFile string `yaml:"keep-queryip-file"` + DropRcodes []string `yaml:"drop-rcodes,flow"` + LogQueries bool `yaml:"log-queries"` + LogReplies bool `yaml:"log-replies"` + Downsample int `yaml:"downsample"` + } `yaml:"filtering"` + GeoIP struct { + Enable bool `yaml:"enable"` + DbCountryFile string `yaml:"mmdb-country-file"` + DbCityFile string `yaml:"mmdb-city-file"` + DbAsnFile string `yaml:"mmdb-asn-file"` + } `yaml:"geoip"` + Suspicious struct { + Enable bool `yaml:"enable"` + ThresholdQnameLen int `yaml:"threshold-qname-len"` + ThresholdPacketLen int `yaml:"threshold-packet-len"` + ThresholdSlow float64 `yaml:"threshold-slow"` + CommonQtypes []string `yaml:"common-qtypes,flow"` + UnallowedChars []string `yaml:"unallowed-chars,flow"` + ThresholdMaxLabels int `yaml:"threshold-max-labels"` + } `yaml:"suspicious"` +} + +func (c *ConfigTransformers) SetDefault() { + c.Suspicious.Enable = false + c.Suspicious.ThresholdQnameLen = 100 + c.Suspicious.ThresholdPacketLen = 1000 + c.Suspicious.ThresholdSlow = 1.0 + c.Suspicious.CommonQtypes = []string{"A", "AAAA", "TXT", "CNAME", "PTR", + "NAPTR", "DNSKEY", "SRV", "SOA", "NS", "MX", "DS"} + c.Suspicious.UnallowedChars = []string{"\"", "==", "/", ":"} + c.Suspicious.ThresholdMaxLabels = 10 + + c.UserPrivacy.Enable = false + c.UserPrivacy.AnonymizeIP = false + c.UserPrivacy.MinimazeQname = false + + c.Normalize.Enable = false + c.Normalize.QnameLowerCase = false + + c.Filtering.Enable = false + c.Filtering.DropFqdnFile = "" + c.Filtering.DropDomainFile = "" + c.Filtering.KeepFqdnFile = "" + c.Filtering.KeepDomainFile = "" + c.Filtering.DropQueryIpFile = "" + c.Filtering.DropRcodes = []string{} + c.Filtering.LogQueries = true + c.Filtering.LogReplies = true + c.Filtering.Downsample = 0 + + c.GeoIP.Enable = false + c.GeoIP.DbCountryFile = "" + c.GeoIP.DbCityFile = "" + c.GeoIP.DbAsnFile = "" +} + +/* main configuration */ type Config struct { Global struct { TextFormat string `yaml:"text-format"` @@ -108,45 +177,7 @@ type Config struct { } `yaml:"pcap"` } `yaml:"collectors"` - Transformers struct { - UserPrivacy struct { - Enable bool `yaml:"enable"` - AnonymizeIP bool `yaml:"anonymize-ip"` - MinimazeQname bool `yaml:"minimaze-qname"` - } `yaml:"user-privacy"` - Normalize struct { - Enable bool `yaml:"enable"` - QnameLowerCase bool `yaml:"qname-lowercase"` - } `yaml:"normalize"` - Filtering struct { - Enable bool `yaml:"enable"` - DropFqdnFile string `yaml:"drop-fqdn-file"` - DropDomainFile string `yaml:"drop-domain-file"` - KeepFqdnFile string `yaml:"keep-fqdn-file"` - KeepDomainFile string `yaml:"keep-domain-file"` - DropQueryIpFile string `yaml:"drop-queryip-file"` - KeepQueryIpFile string `yaml:"keep-queryip-file"` - DropRcodes []string `yaml:"drop-rcodes,flow"` - LogQueries bool `yaml:"log-queries"` - LogReplies bool `yaml:"log-replies"` - Downsample int `yaml:"downsample"` - } `yaml:"filtering"` - GeoIP struct { - Enable bool `yaml:"enable"` - DbCountryFile string `yaml:"mmdb-country-file"` - DbCityFile string `yaml:"mmdb-city-file"` - DbAsnFile string `yaml:"mmdb-asn-file"` - } `yaml:"geoip"` - Suspicious struct { - Enable bool `yaml:"enable"` - ThresholdQnameLen int `yaml:"threshold-qname-len"` - ThresholdPacketLen int `yaml:"threshold-packet-len"` - ThresholdSlow float64 `yaml:"threshold-slow"` - CommonQtypes []string `yaml:"common-qtypes,flow"` - UnallowedChars []string `yaml:"unallowed-chars,flow"` - ThresholdMaxLabels int `yaml:"threshold-max-labels"` - } `yaml:"suspicious"` - } `yaml:"transformers"` + IngoingTransformers ConfigTransformers `yaml:"ingoing-transformers"` Loggers struct { Stdout struct { @@ -294,6 +325,8 @@ type Config struct { } `yaml:"elasticsearch"` } `yaml:"loggers"` + OutgoingTransformers ConfigTransformers `yaml:"outgoing-transformers"` + Multiplexer struct { Collectors []MultiplexInOut `yaml:"collectors"` Loggers []MultiplexInOut `yaml:"loggers"` @@ -360,38 +393,8 @@ func (c *Config) SetDefault() { c.Collectors.IngestPcap.DropReplies = false c.Collectors.IngestPcap.DeleteAfter = false - // Transformers - c.Transformers.Suspicious.Enable = false - c.Transformers.Suspicious.ThresholdQnameLen = 100 - c.Transformers.Suspicious.ThresholdPacketLen = 1000 - c.Transformers.Suspicious.ThresholdSlow = 1.0 - c.Transformers.Suspicious.CommonQtypes = []string{"A", "AAAA", "TXT", "CNAME", "PTR", - "NAPTR", "DNSKEY", "SRV", "SOA", "NS", "MX", "DS"} - c.Transformers.Suspicious.UnallowedChars = []string{"\"", "==", "/", ":"} - c.Transformers.Suspicious.ThresholdMaxLabels = 10 - - c.Transformers.UserPrivacy.Enable = false - c.Transformers.UserPrivacy.AnonymizeIP = false - c.Transformers.UserPrivacy.MinimazeQname = false - - c.Transformers.Normalize.Enable = false - c.Transformers.Normalize.QnameLowerCase = false - - c.Transformers.Filtering.Enable = false - c.Transformers.Filtering.DropFqdnFile = "" - c.Transformers.Filtering.DropDomainFile = "" - c.Transformers.Filtering.KeepFqdnFile = "" - c.Transformers.Filtering.KeepDomainFile = "" - c.Transformers.Filtering.DropQueryIpFile = "" - c.Transformers.Filtering.DropRcodes = []string{} - c.Transformers.Filtering.LogQueries = true - c.Transformers.Filtering.LogReplies = true - c.Transformers.Filtering.Downsample = 0 - - c.Transformers.GeoIP.Enable = false - c.Transformers.GeoIP.DbCountryFile = "" - c.Transformers.GeoIP.DbCityFile = "" - c.Transformers.GeoIP.DbAsnFile = "" + // Transformers for collectors + c.IngoingTransformers.SetDefault() // Loggers c.Loggers.Stdout.Enable = false @@ -523,6 +526,10 @@ func (c *Config) SetDefault() { c.Loggers.ElasticSearchClient.Enable = false c.Loggers.ElasticSearchClient.URL = "" + + // Transformers for loggers + c.OutgoingTransformers.SetDefault() + } func (c *Config) GetServerIdentity() string { @@ -583,3 +590,9 @@ func GetFakeConfig() *Config { config.SetDefault() return config } + +func GetFakeConfigTransformers() *ConfigTransformers { + config := &ConfigTransformers{} + config.SetDefault() + return config +} diff --git a/doc/configuration.md b/doc/configuration.md index 4f462e45..49fc5e60 100644 --- a/doc/configuration.md +++ b/doc/configuration.md @@ -161,7 +161,7 @@ multiplexer: ``` ## Transformers -Some transformations can be done after the collect. +Some transformations can be done on collectors or loggers. ### Normalize diff --git a/doc/overview2.png b/doc/metrics.png similarity index 100% rename from doc/overview2.png rename to doc/metrics.png diff --git a/doc/overview.drawio b/doc/overview.drawio index 40719f94..19083026 100644 --- a/doc/overview.drawio +++ b/doc/overview.drawio @@ -1 +1 @@ -5Vxte5o6GP41fpQLkhDCR61tt562607Xres3KlHZkDjEqfv1J1RQTAJiBdEze1294OHh7c79vCbaghfjxXXoTEZ3zKV+C+juogV7LQBsYvD/sWC5EpgGWgmGoeeuRMZG8Oj9oYlQT6Qzz6XTLcWIMT/yJtvCPgsC2o+2ZE4Ysvm22oD523edOEMqCR77ji9Lv3luNFpJialv5B+oNxyldzb05MjYSZUTwXTkuGyeEcHLFrwIGYtWW+PFBfVj7FJcVudd5RxdP1hIg6jMCd0/5pcxmL5Onr/dB8TpXP+wL9rJVX47/ix54eRho2WKQMhmgUvji+gt2J2PvIg+Tpx+fHTOh5zLRtHY53sG35xGIftJL5jPQi4JWMDVugPP91NRC8CBGf/FchZEGfnqw+Xym6WPScOILjKi5E2vKRvTKFxyleQoQAnqS2F/vhlEM+XYKDOAwE6ETkKc4fraG2z5RgLvHlDDfaA2dkMtoOo6lAz6eUPghP3EtvSKAMb2NsAm0EwJYkMJMbZS1cpBRgqQsc9v3H3lG8N4gyPjc0/Bwml6iN9pfVQaE45HtCfHU8x9bxjw3T5HmXJ5N0bX466lkxwYe64b30Y50ttmV8GIQR2VGDGkGrC6TMKs1yQGgwHoH88ksCH4HNPSgMIm4JFtAu+2iVs2HNK/zSCwCTXLLDNkRzUKSxouN5hGHILqA3MVcYBgTcCQyABaa1eThRDWxXgiQfgYOZE35WSbniaMGCENEgFHfU3PLJQKLkJ7zdrKsbQlLLmzuPI4eucCJLKIZpcDEhmaXheQhpxr3/ELnxMloWUeGUmzjV7neG68fOiPL5/w89eegdrpU2UQoy6v2pJdFkYjNmSB419upEL42OjcMjZJkPxBo2iZ5ATOLGIqnNMikAPXdZ3paJ2axDsPTsQDW/AmAbqxHof46bZGQTEwUzYL+7SIP0lyFDnhkEZF8JjqcQ2pz53g7+0nUQ3O26mdMHSWGYUJ84JoKo3d+voHGAaQDKN3whFP5WEAD4KonF1ADeGaPMyaSke1C45kuHxOzn/b+R7vaGa621tkD/aWyV5eV2B73PgR/PZRWmApa1IaSdpLyhhTUTYmWPChxjVePMTmtCGVAbZrB6gL6eXqhZKzNjzJt9Kc+2DxPih7uRL6QKDp6gnUZwNTONsC22+1gl96q3d4FuUgI+ucDOKIAaYNly//YraYfLu78RZ3bm9501GZhDq+HGoCZZ1c0VNmgoWmaWcTKSCwVQWmMlJs0v9DQPS+fBzd9Bberb40rY7/7AznC0VSn5b+rvc7rfx9NuQ6g7dUf90XyBw/TdDlghTatqZnP1jGX12fVtKTMT/dvZA7rCP29P3j7ezlt+NY58RiGVCE5WZ6nQh+/3I/uv1JPv/oBPPuza+Lf66fJmlX67iuXWowUqxoMMbdeMt+1Us49VLeWvn+sGQCk2bXFWcw+yYeWBc4ZAizVbv0EclPPN6RLygxbSRdEOdxTEpcpOIUAa/wkDz4IBrZJ8kiaO3JItuun0WqiT4puN6y4TSGi80iLxjmBVjptPEsnvr26YKGdQRl0b+RPs2fQKkgtiCxQECWahZRV6RHxKopsKAmnEBezQB2FQ104UXP6UX4dqbU4Hubk+Kd/EJjfx9UyuMUVdRZj1NkRg17HCR6HB0WehxJH1frcRbz3tX9kl312+Tzp+tZu7P4SpWrOCTXkc4ilfQ0kb+eDnwNRb0zLQQQ0AyrbOpaQeKqHCzQiH85ZTdRxOmGzR/aQoDCxQmHpG8VmL98thgODSDWTzl9QNkPSa03e/tC1bXelN7bPBeWN1PSFXVlziQyilRHBilkpKSv661c06gqMjaSzDVDqaI+05lQKqXEmiKk2NtK+qCAUjIhhTWia5e5t6/FoiUIF6rO1ypJ3oivbXb6Dsi8PmIWoZgmEzJNEmeam46zUYpYu6fc5Rk2yxKTXDlnqJl+ZzXJ1ixtFd22okygdtpaWLN127YRBpjYRlLbbiZOSMn0c+9paETEpZfISJmcOxdd4qRdE9L8hYHYQsT12Yt6VrolV+uHFNAtdWGsYGhurWxAJOKSKYsztTJRrT6soBNXtEajuK3xwOY07N0/lm5suMHU9abRcZobVYwNkMeGwGZHZq+F+41RGEJ5nvKoMAEJpqfgNcalebRkUuV0x44KmLz2vXmkoBgUoaaTZmGSZ5i63kmQahsqpDfsptI67G9LTfddDqYET9GNym8x1FBR8WRPWGVrG5ph2puPQJuKclMgLMVE2y3cffV3ZqQ8g4V7vWfN6an85ZnmHYsc2xFu3g3Lq+gOXsRVT2hHVtOOWObQWa2s2dehHrTUhlThUPf1eqa130SXpF/UzZfPFpeVk3e2XrEZL7GVGm3rlNaW1tDW7D0NeAJMr2rG4S+gPSmclNqpD41DaC9NFFRDewRMTYcIEWCZBAP9uPkDlNs2j17w88BvOVYQGC1b8A6Q51kwsy684XYXVHVVMu2rDHb41yz+2Zi3X1BpT9+8QocrGMZksWpkJcfF1lasf9CF3GDa7qc/oFHYQlvd6qQ7ayIhEODhouEOCGqkZD3iV4/U1FcsCqwlSBxmoHJ76mIW+ifHY0AMzUKZAlL+aupxOd3IKoymOY1ASU4bx/o+XeFjZkj9EMbXHtHZCcZsy9Lshst+1Mzatmq6iudSBB9sFO8qB7Curkvzv18i6Nu4WD91hWr9/2HVzHc3P3G4Ut/8TiS8/A8= \ No newline at end of file +7Vxte5o6GP41XtfOB7mAhAAftbbdetquXdut6zcqUdmQOMSq+/UnKCgk4cUKottxH0aehLc79/NK0hY4Gy8ufWsyuiE2dluqbC9aoNdSVUUxNPpfKFmuJUhV1oKh79jRoK3gwfmNI6EcSWeOjaepgQEhbuBM0sI+8TzcD1Iyy/fJPD1sQNz0XSfWEHOCh77l8tJvjh2M1lJDk7fyj9gZjuI7K3LUM7biwZFgOrJsMk+IwHkLnPmEBOuj8eIMuyF4MS7r8y4yejcP5mMvKHNC97f2OFanr5Pnb7eeYXUuf5hn7egqb5Y7i144ethgGSPgk5ln4/Aicgt05yMnwA8Tqx/2zumcU9koGLu0pdDDaeCTn/iMuMSnEo94dFh34LhuLGqpYKCF/0I58YKEfP2jcv7N4sfEfoAXCVH0ppeYjHHgL+mQqFeFEepLpj3fTqIWc2yUmEDVjIRWRJzh5tpbbOlBBO8OUINdoFaKoWZQtS1sDPpZU2D5/Ui35IoARmYaYE2VNA5iJb5wCmKkx0MrBxkKQEYuvXH3lR4MwwOKjEstBfGncRe906aXmxOKR7Ajx2PMXWfo0WafooypvBui61DT0ok6xo5th7cRznRa7SqYMSDDEjMGRTpRl0po9arEYDBQ+4dTCaQwNkfTJVWgE0AEcY06gYp14poMh/hvUwikAUnXykzZQZVC56bL9qYBhaB6x1yFHzCQxGBo8K5W35iaJISwLghNDkJK8AuHAneUGCIIJWCkQATUHsjJH+IxFZASalJsQysHVeFjxRt6Yac/PRlUhdQUwahKcl0wxi+SgAvbNOWImsQPRmRIPMs930oZ27cdc03IJILxBw6CZeTQrFlA0iBTGP3lc3T+qvE9bITGLmr3Fsne3jJqZcXu6VmjPWj12/TEyZKaN5mB5Q9xUGwLQ4Byp9zHrhU4b+mcTTR10al3xKGPsjVijOcGMmOZpmTm93F01pYAHd+3lolhk3DAtPx94mRjy6f1FTPO1pin1BmOruHknnJF0w1YpZirteHrHM2Vl4/98fkTev7aU2Ab6sfE3CLi8jS0reloE0mGjTsroHGIt5KospLH1DUB1qI2WL58QWQx+XZz5Sxu7N7yqtMWMFoIIlBqofSuTERGmktQh0nK7Do+zdx3EM55/DS66i2ca3mp6R332RrOFwI3HgeotvMWx6eB5biJuDXRc5xuiQ+YgK5Jppbw9XwAKo6fQCU5g/b55sW4QTIkT98/Xc9e3ixLF9SFJEk6FUAhOmQE+v3xdnT907j/0fHm3atfZ/9ePk3inOuwppJLfzESpL9hrUg3X+USRrKUORS+Pyjp4M2jsIaaqacJJDOl1ILxYCc/jnRTAmbil743y8nqvHreTOUb2ZtZWHF38YKm7Rm2ljvnC5kFjjfc1Bp8dmyV1pqlvtHH2ZWfCowOZGMxqIvKn7IguTD0mmwOPKbwrDCxwAsneI4vQo8TUR1tbU8KG9kxHVsE17BhQ5HJM9RXsEpPStm0vGQkadPyNKphmwZlJsoosGnc+KjAX1WEJ4RKa4Sy72BeM641Lyo+FRqyqbWp5dMwf/zeNFzMexe3S3LRbxv3ny9n7c7iK27GcjZDqbxo/1QoJTO5qFFk2Zjx6i7RGmC+JG88f0FtiH8MxFxIqS3QE5K8EVtbRfkwK8TQi0KMcgohqtKovEI0WZ9UEOObDVVS9G3BQCnFyGw9y+SsqutssUJR2aJDzbxtpOpYa9m7kH6C7DkvFKidfjqSTJkmqhCpyDAVGTAu2mApUVW9XGMtt5JPV3a8vFN9nb6mypbmUH1sFxfZW3w6vk9iXFD0zuVp+XRYAZCFLlFxS2TEhiAhBhUkxEIsRYvbuDLFHZljv3f7ULquYXtT25kGh6lrHGj6VH76DNDs5O20Nuh4kOQVAQC+Gn1QJFUOySfvNYTuJADlqQlgGP00iym/SOckwASs5waSbDSLJF9/7jqnQs00mlBu2GTGCeVxVIAbXVlSGGILqmh5pZH6MzxD0tOLlaCpSIqW+EzE0KaqGBvsVk0pGF8YY9OEEuz0njUH3MaJWnLOLULUvDHnV2zsvWygsTAD6g2bc8DnLw+O93PP5Zb7rIIqj6fOrhfStKL1rAfFFjZS8q9vTZr4JVXeyeUu7W24sM+SBkQsyXJFBeP3/laUC2pCK+/88KojPDtJ1VSNI1PNZj4KVxPFlliA8M4odq9lVkei4JrOKGxBrMmNl5VWpoLzZyPx3Xb+coe0cCcB97llU44wN9uIqo9ZP9/rY/VLu6N+nP8av5A7e941BRWdVJ0yoTro1yzcX7zaatuersjfoQPMyWJdsIy62RJmOHyf6zz6ljcdEH+c3FK2vmh+rfSo3uLDne+8WX3KcDpNMo1k/8kt+pZ5P9awua4zmeJi1/CO9W2cRxCYmEwnARST0TxTUM1HAr9QxZJaIemP4vv13os03utnhPa7MqeRvaXh4C7CZLIw9q8aFI3Xc5atFboIyO7q3MlF6JlrejWjLv+QtxnlFFbvC3bp0VyRszTCXXqVbH8Q2hpRef+oXNO7HeypOCBuw5EBN1FWUx4orq//gbQ4qrf4QMlG897V5oG/LvLiiB+vXmyM9QXLKJrnyx9vDNlo/CiM4Z+bhJ4sLRo3FQWbyf7nxMHdR62JO21u/37dOnnZ/hVAcP4f \ No newline at end of file diff --git a/doc/overview.png b/doc/overview.png index eb56acc7..158e92c9 100644 Binary files a/doc/overview.png and b/doc/overview.png differ diff --git a/loggers/dnstap.go b/loggers/dnstap.go index e066fb37..c7743068 100644 --- a/loggers/dnstap.go +++ b/loggers/dnstap.go @@ -8,6 +8,7 @@ import ( "time" "github.com/dmachard/go-dnscollector/dnsutils" + "github.com/dmachard/go-dnscollector/transformers" "github.com/dmachard/go-dnstap-protobuf" "github.com/dmachard/go-framestream" "github.com/dmachard/go-logger" @@ -83,6 +84,9 @@ func (o *DnstapSender) Stop() { func (o *DnstapSender) Run() { o.LogInfo("running in background...") + // prepare transforms + subprocessors := transformers.NewTransforms(&o.config.OutgoingTransformers, o.logger, o.name) + dt := &dnstap.Dnstap{} frame := &framestream.Frame{} @@ -147,6 +151,11 @@ LOOP: select { case dm := <-o.channel: + // apply tranforms + if subprocessors.ProcessMessage(&dm) == transformers.RETURN_DROP { + continue + } + dt.Reset() t := dnstap.Dnstap_MESSAGE @@ -240,6 +249,11 @@ LOOP: o.LogInfo("closing tcp connection") o.conn.Close() } + o.LogInfo("run terminated") + + // cleanup transformers + subprocessors.Reset() + o.done <- true } diff --git a/loggers/elasticsearch.go b/loggers/elasticsearch.go index 32407f05..7b78cd1a 100644 --- a/loggers/elasticsearch.go +++ b/loggers/elasticsearch.go @@ -6,6 +6,7 @@ import ( "time" "github.com/dmachard/go-dnscollector/dnsutils" + "github.com/dmachard/go-dnscollector/transformers" "github.com/dmachard/go-logger" "net/http" @@ -80,7 +81,15 @@ func (o *ElasticSearchClient) Stop() { func (o *ElasticSearchClient) Run() { o.LogInfo("running in background...") + // prepare transforms + subprocessors := transformers.NewTransforms(&o.config.OutgoingTransformers, o.logger, o.name) + for dm := range o.channel { + // apply tranforms + if subprocessors.ProcessMessage(&dm) == transformers.RETURN_DROP { + continue + } + data := ElasticSearchData{ Identity: dm.DnsTap.Identity, QueryIP: dm.NetworkInfo.QueryIp, @@ -107,6 +116,10 @@ func (o *ElasticSearchClient) Run() { } o.LogInfo("run terminated") + + // cleanup transformers + subprocessors.Reset() + // the job is done o.done <- true } diff --git a/loggers/fluentd.go b/loggers/fluentd.go index c7bac837..d7bac805 100644 --- a/loggers/fluentd.go +++ b/loggers/fluentd.go @@ -7,6 +7,7 @@ import ( "time" "github.com/dmachard/go-dnscollector/dnsutils" + "github.com/dmachard/go-dnscollector/transformers" "github.com/dmachard/go-logger" "github.com/vmihailenco/msgpack" ) @@ -73,6 +74,9 @@ func (o *FluentdClient) Stop() { func (o *FluentdClient) Run() { o.LogInfo("running in background...") + // prepare transforms + subprocessors := transformers.NewTransforms(&o.config.OutgoingTransformers, o.logger, o.name) + LOOP: for { LOOP_RECONNECT: @@ -119,6 +123,11 @@ LOOP: for { select { case dm := <-o.channel: + // apply tranforms + if subprocessors.ProcessMessage(&dm) == transformers.RETURN_DROP { + continue + } + // prepare event tm, _ := msgpack.Marshal(dm.DnsTap.TimeSec) record, err := msgpack.Marshal(dm) @@ -161,6 +170,11 @@ LOOP: o.LogInfo("closing tcp connection") o.conn.Close() } + o.LogInfo("run terminated") + + // cleanup transformers + subprocessors.Reset() + o.done <- true } diff --git a/loggers/influxdb.go b/loggers/influxdb.go index af5a0e9a..fa61295f 100644 --- a/loggers/influxdb.go +++ b/loggers/influxdb.go @@ -5,6 +5,7 @@ import ( "time" "github.com/dmachard/go-dnscollector/dnsutils" + "github.com/dmachard/go-dnscollector/transformers" "github.com/dmachard/go-logger" influxdb2 "github.com/influxdata/influxdb-client-go" @@ -81,6 +82,9 @@ func (o *InfluxDBClient) Stop() { func (o *InfluxDBClient) Run() { o.LogInfo("running in background...") + // prepare transforms + subprocessors := transformers.NewTransforms(&o.config.OutgoingTransformers, o.logger, o.name) + // prepare options for influxdb opts := influxdb2.DefaultOptions() opts.SetUseGZip(true) @@ -105,6 +109,12 @@ func (o *InfluxDBClient) Run() { o.influxdbConn = influxClient o.writeAPI = writeAPI for dm := range o.channel { + + // apply tranforms + if subprocessors.ProcessMessage(&dm) == transformers.RETURN_DROP { + continue + } + p := influxdb2.NewPointWithMeasurement("dns"). AddTag("Identity", dm.DnsTap.Identity). AddTag("QueryIP", dm.NetworkInfo.QueryIp). @@ -121,6 +131,10 @@ func (o *InfluxDBClient) Run() { } o.LogInfo("run terminated") + + // cleanup transformers + subprocessors.Reset() + // the job is done o.done <- true } diff --git a/loggers/logfile.go b/loggers/logfile.go index bff4e59f..89a3968b 100644 --- a/loggers/logfile.go +++ b/loggers/logfile.go @@ -17,6 +17,7 @@ import ( "time" "github.com/dmachard/go-dnscollector/dnsutils" + "github.com/dmachard/go-dnscollector/transformers" "github.com/dmachard/go-logger" ) @@ -341,6 +342,10 @@ func (o *LogFile) Rotate() error { func (o *LogFile) Run() { o.LogInfo("running in background...") + // prepare transforms + subprocessors := transformers.NewTransforms(&o.config.OutgoingTransformers, o.logger, o.name) + + // prepare some timers tflush_interval := time.Duration(o.config.Loggers.LogFile.FlushInterval) * time.Second tflush := time.NewTimer(tflush_interval) o.commpressTimer = time.NewTimer(time.Duration(o.config.Loggers.LogFile.CompressInterval) * time.Second) @@ -355,6 +360,11 @@ LOOP: break LOOP } + // apply tranforms + if subprocessors.ProcessMessage(&dm) == transformers.RETURN_DROP { + continue + } + // write to file switch o.config.Loggers.LogFile.Mode { case dnsutils.MODE_TEXT: @@ -385,6 +395,9 @@ LOOP: o.LogInfo("run terminated") + // cleanup transformers + subprocessors.Reset() + // the job is done o.done <- true } diff --git a/loggers/lokiclient.go b/loggers/lokiclient.go index 0037e047..633ab7fa 100644 --- a/loggers/lokiclient.go +++ b/loggers/lokiclient.go @@ -14,6 +14,7 @@ import ( "time" "github.com/dmachard/go-dnscollector/dnsutils" + "github.com/dmachard/go-dnscollector/transformers" "github.com/dmachard/go-logger" "github.com/gogo/protobuf/proto" "github.com/grafana/dskit/backoff" @@ -165,17 +166,26 @@ func (o *LokiClient) Stop() { func (o *LokiClient) Run() { o.LogInfo("running in background...") + + // prepare transforms + subprocessors := transformers.NewTransforms(&o.config.OutgoingTransformers, o.logger, o.name) + + // prepare buffer buffer := new(bytes.Buffer) + // prepare timers tflush_interval := time.Duration(o.config.Loggers.LokiClient.FlushInterval) * time.Second tflush := time.NewTimer(tflush_interval) LOOP: - /* for { - LOOP_RECONNECT:*/ for { select { case dm := <-o.channel: + // apply tranforms + if subprocessors.ProcessMessage(&dm) == transformers.RETURN_DROP { + continue + } + if _, ok := o.streams[dm.DnsTap.Identity]; !ok { o.streams[dm.DnsTap.Identity] = &LokiStream{config: o.config, logger: o.logger, name: dm.DnsTap.Identity} o.streams[dm.DnsTap.Identity].Init() @@ -200,10 +210,7 @@ LOOP: o.streams[dm.DnsTap.Identity].stream.Entries = append(o.streams[dm.DnsTap.Identity].stream.Entries, entry) // flush ? - //fmt.Println(o.streams[dm.DnsTap.Identity].sizeentries) if o.streams[dm.DnsTap.Identity].sizeentries >= o.config.Loggers.LokiClient.BatchSize { - // fmt.Println("batch completed!") - // encode log entries buf, err := o.streams[dm.DnsTap.Identity].Encode2Proto() if err != nil { @@ -216,13 +223,6 @@ LOOP: // send all entries o.SendEntries(buf) - /*err = o.SendEntries(buf) - fmt.Println(err) - if err != nil { - o.LogError("error sending log entries - %v", err) - break LOOP_RECONNECT - })*/ - // reset entries and push request o.streams[dm.DnsTap.Identity].ResetEntries() } @@ -244,13 +244,6 @@ LOOP: // send all entries o.SendEntries(buf) - /* err = o.SendEntries(buf) - if err != nil { - o.LogError("error sending log entries - %v", err) - // restart timer - tflush.Reset(tflush_interval) - break LOOP_RECONNECT - }*/ // reset entries and push request s.ResetEntries() @@ -265,12 +258,13 @@ LOOP: } } - /* o.LogInfo("retry in %d seconds", o.config.Loggers.LokiClient.RetryInterval) - time.Sleep(time.Duration(o.config.Loggers.LokiClient.RetryInterval) * time.Second) - }*/ // if buffer is not empty, we accept to lose log entries o.LogInfo("run terminated") + + // cleanup transformers + subprocessors.Reset() + // the job is done o.done <- true } diff --git a/loggers/pcapfile.go b/loggers/pcapfile.go index a966948c..c14bb9e8 100644 --- a/loggers/pcapfile.go +++ b/loggers/pcapfile.go @@ -16,6 +16,7 @@ import ( "time" "github.com/dmachard/go-dnscollector/dnsutils" + "github.com/dmachard/go-dnscollector/transformers" "github.com/dmachard/go-logger" "github.com/google/gopacket" "github.com/google/gopacket/layers" @@ -349,6 +350,9 @@ func (o *PcapWriter) Write(dm dnsutils.DnsMessage, pkt []gopacket.SerializableLa func (o *PcapWriter) Run() { o.LogInfo("running in background...") + // prepare transforms + subprocessors := transformers.NewTransforms(&o.config.OutgoingTransformers, o.logger, o.name) + eth := &layers.Ethernet{SrcMAC: net.HardwareAddr{0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, DstMAC: net.HardwareAddr{0x00, 0x00, 0x00, 0x00, 0x00, 0x00}} ip4 := &layers.IPv4{Version: 4, TTL: 64} @@ -366,6 +370,11 @@ LOOP: break LOOP } + // apply tranforms + if subprocessors.ProcessMessage(&dm) == transformers.RETURN_DROP { + continue + } + // prepare ip srcIp, srcPort, dstIp, dstPort := o.GetIpPort(&dm) @@ -442,6 +451,9 @@ LOOP: } o.LogInfo("run terminated") + // cleanup transformers + subprocessors.Reset() + // the job is done o.done <- true } diff --git a/loggers/prometheus.go b/loggers/prometheus.go index 38a63775..41dd0aff 100644 --- a/loggers/prometheus.go +++ b/loggers/prometheus.go @@ -12,6 +12,7 @@ import ( "time" "github.com/dmachard/go-dnscollector/dnsutils" + "github.com/dmachard/go-dnscollector/transformers" "github.com/dmachard/go-logger" "github.com/dmachard/go-topmap" "github.com/prometheus/client_golang/prometheus" @@ -790,6 +791,9 @@ func (s *Prometheus) ListenAndServe() { func (s *Prometheus) Run() { s.LogInfo("running in background...") + // prepare transforms + subprocessors := transformers.NewTransforms(&s.config.OutgoingTransformers, s.logger, s.name) + // start http server go s.ListenAndServe() @@ -805,6 +809,12 @@ LOOP: s.LogInfo("channel closed") break LOOP } + + // apply tranforms + if subprocessors.ProcessMessage(&dm) == transformers.RETURN_DROP { + continue + } + // record the dnstap message s.Record(dm) @@ -819,6 +829,9 @@ LOOP: } s.LogInfo("run terminated") + // cleanup transformers + subprocessors.Reset() + // the job is done s.done <- true } diff --git a/loggers/statsd.go b/loggers/statsd.go index 9069a405..681774bb 100644 --- a/loggers/statsd.go +++ b/loggers/statsd.go @@ -9,6 +9,7 @@ import ( "time" "github.com/dmachard/go-dnscollector/dnsutils" + "github.com/dmachard/go-dnscollector/transformers" "github.com/dmachard/go-logger" ) @@ -82,7 +83,10 @@ func (o *StatsdClient) Stop() { func (o *StatsdClient) Run() { o.LogInfo("running in background...") - // init timer to compute qps + // prepare transforms + subprocessors := transformers.NewTransforms(&o.config.OutgoingTransformers, o.logger, o.name) + + // prepare timer to compute qps t1_interval := 1 * time.Second t1 := time.NewTimer(t1_interval) @@ -99,6 +103,12 @@ LOOP: o.LogInfo("channel closed") break LOOP } + + // apply tranforms + if subprocessors.ProcessMessage(&dm) == transformers.RETURN_DROP { + continue + } + // record the dnstap message o.stats.Record(dm) @@ -198,6 +208,10 @@ LOOP: } o.LogInfo("run terminated") + + // cleanup transformers + subprocessors.Reset() + // the job is done o.done <- true } diff --git a/loggers/stdout.go b/loggers/stdout.go index 65e02311..1699be82 100644 --- a/loggers/stdout.go +++ b/loggers/stdout.go @@ -9,6 +9,7 @@ import ( "strings" "github.com/dmachard/go-dnscollector/dnsutils" + "github.com/dmachard/go-dnscollector/transformers" "github.com/dmachard/go-logger" ) @@ -79,8 +80,18 @@ func (o *StdOut) Stop() { func (o *StdOut) Run() { o.LogInfo("running in background...") + // prepare transforms + subprocessors := transformers.NewTransforms(&o.config.OutgoingTransformers, o.logger, o.name) + + // standard output buffer buffer := new(bytes.Buffer) + for dm := range o.channel { + // apply tranforms + if subprocessors.ProcessMessage(&dm) == transformers.RETURN_DROP { + continue + } + switch o.config.Loggers.Stdout.Mode { case dnsutils.MODE_TEXT: o.stdout.Print(dm.String(o.textFormat)) @@ -92,6 +103,9 @@ func (o *StdOut) Run() { } o.LogInfo("run terminated") + // cleanup transformers + subprocessors.Reset() + // the job is done o.done <- true } diff --git a/loggers/syslog.go b/loggers/syslog.go index 850ecb42..997c1c0e 100644 --- a/loggers/syslog.go +++ b/loggers/syslog.go @@ -11,6 +11,7 @@ import ( syslog "github.com/RackSec/srslog" "github.com/dmachard/go-dnscollector/dnsutils" + "github.com/dmachard/go-dnscollector/transformers" "github.com/dmachard/go-logger" ) @@ -137,6 +138,9 @@ func (o *Syslog) Stop() { func (o *Syslog) Run() { o.LogInfo("running in background...") + // prepare enabled transformers + subprocessors := transformers.NewTransforms(&o.config.OutgoingTransformers, o.logger, o.name) + var syslogconn *syslog.Writer var err error buffer := new(bytes.Buffer) @@ -171,6 +175,11 @@ func (o *Syslog) Run() { o.syslogConn = syslogconn for dm := range o.channel { + // apply tranforms + if subprocessors.ProcessMessage(&dm) == transformers.RETURN_DROP { + continue + } + switch o.config.Loggers.Syslog.Mode { case dnsutils.MODE_TEXT: delimiter := "\n" @@ -183,6 +192,10 @@ func (o *Syslog) Run() { } o.LogInfo("run terminated") + + // cleanup transformers + subprocessors.Reset() + // the job is done o.done <- true } diff --git a/loggers/tcpclient.go b/loggers/tcpclient.go index 2c721615..9a32181c 100644 --- a/loggers/tcpclient.go +++ b/loggers/tcpclient.go @@ -10,6 +10,7 @@ import ( "time" "github.com/dmachard/go-dnscollector/dnsutils" + "github.com/dmachard/go-dnscollector/transformers" "github.com/dmachard/go-logger" ) @@ -82,6 +83,9 @@ func (o *TcpClient) Stop() { func (o *TcpClient) Run() { o.LogInfo("running in background...") + // prepare transforms + subprocessors := transformers.NewTransforms(&o.config.OutgoingTransformers, o.logger, o.name) + LOOP: for { LOOP_RECONNECT: @@ -129,6 +133,11 @@ LOOP: select { case dm := <-o.channel: + // apply tranforms + if subprocessors.ProcessMessage(&dm) == transformers.RETURN_DROP { + continue + } + if o.config.Loggers.TcpClient.Mode == dnsutils.MODE_TEXT { w.Write(dm.Bytes(o.textFormat, o.config.Loggers.TcpClient.Delimiter)) } @@ -161,6 +170,11 @@ LOOP: o.LogInfo("closing tcp connection") o.conn.Close() } + o.LogInfo("run terminated") + + // cleanup transformers + subprocessors.Reset() + o.done <- true } diff --git a/loggers/webserver.go b/loggers/webserver.go index 628efff4..1cb06577 100644 --- a/loggers/webserver.go +++ b/loggers/webserver.go @@ -10,6 +10,7 @@ import ( "time" "github.com/dmachard/go-dnscollector/dnsutils" + "github.com/dmachard/go-dnscollector/transformers" "github.com/dmachard/go-logger" ) @@ -432,6 +433,9 @@ func (s *Webserver) ListenAndServe() { func (s *Webserver) Run() { s.LogInfo("running in background...") + // prepare transforms + subprocessors := transformers.NewTransforms(&s.config.OutgoingTransformers, s.logger, s.name) + // start http server go s.ListenAndServe() @@ -448,6 +452,12 @@ LOOP: s.LogInfo("channel closed") break LOOP } + + // apply tranforms + if subprocessors.ProcessMessage(&dm) == transformers.RETURN_DROP { + continue + } + // record the dnstap message s.stats.Record(dm) @@ -462,6 +472,9 @@ LOOP: s.LogInfo("run terminated") + // cleanup transformers + subprocessors.Reset() + // the job is done s.done <- true } diff --git a/transformers/filtering.go b/transformers/filtering.go index e332ac51..e8537a46 100644 --- a/transformers/filtering.go +++ b/transformers/filtering.go @@ -14,7 +14,7 @@ import ( ) type FilteringProcessor struct { - config *dnsutils.Config + config *dnsutils.ConfigTransformers logger *logger.Logger dropDomains bool keepDomains bool @@ -32,7 +32,7 @@ type FilteringProcessor struct { activeFilters []func(dm *dnsutils.DnsMessage) bool } -func NewFilteringProcessor(config *dnsutils.Config, logger *logger.Logger, name string) FilteringProcessor { +func NewFilteringProcessor(config *dnsutils.ConfigTransformers, logger *logger.Logger, name string) FilteringProcessor { // creates a new file watcher watcher, err := fsnotify.NewWatcher() if err != nil { @@ -67,11 +67,11 @@ func NewFilteringProcessor(config *dnsutils.Config, logger *logger.Logger, name func (p *FilteringProcessor) LoadActiveFilters() { // TODO: Change to iteration through Filtering to add filters in custom order. - if !p.config.Transformers.Filtering.LogQueries { + if !p.config.Filtering.LogQueries { p.activeFilters = append(p.activeFilters, p.ignoreQueryFilter) } - if !p.config.Transformers.Filtering.LogReplies { + if !p.config.Filtering.LogReplies { p.activeFilters = append(p.activeFilters, p.ignoreReplyFilter) } @@ -79,7 +79,7 @@ func (p *FilteringProcessor) LoadActiveFilters() { p.activeFilters = append(p.activeFilters, p.rCodeFilter) } - if len(p.config.Transformers.Filtering.KeepQueryIpFile) > 0 || len(p.config.Transformers.Filtering.DropQueryIpFile) > 0 { + if len(p.config.Filtering.KeepQueryIpFile) > 0 || len(p.config.Filtering.DropQueryIpFile) > 0 { p.activeFilters = append(p.activeFilters, p.ipFilter) } @@ -100,15 +100,15 @@ func (p *FilteringProcessor) LoadActiveFilters() { } // set downsample if desired - if p.config.Transformers.Filtering.Downsample > 0 { - p.downsample = p.config.Transformers.Filtering.Downsample + if p.config.Filtering.Downsample > 0 { + p.downsample = p.config.Filtering.Downsample p.downsampleCount = 0 p.activeFilters = append(p.activeFilters, p.downsampleFilter) } } func (p *FilteringProcessor) LoadRcodes() { - for _, v := range p.config.Transformers.Filtering.DropRcodes { + for _, v := range p.config.Filtering.DropRcodes { p.mapRcodes[v] = true } } @@ -152,16 +152,16 @@ func (p *FilteringProcessor) loadQueryIpList(fname string, drop bool) (uint64, e } func (p *FilteringProcessor) LoadQueryIpList() { - if len(p.config.Transformers.Filtering.DropQueryIpFile) > 0 { - read, err := p.loadQueryIpList(p.config.Transformers.Filtering.DropQueryIpFile, true) + if len(p.config.Filtering.DropQueryIpFile) > 0 { + read, err := p.loadQueryIpList(p.config.Filtering.DropQueryIpFile, true) if err != nil { p.LogError("unable to open query ip file: ", err) } p.LogInfo("loaded with %d query ip to the drop list", read) } - if len(p.config.Transformers.Filtering.KeepQueryIpFile) > 0 { - read, err := p.loadQueryIpList(p.config.Transformers.Filtering.KeepQueryIpFile, false) + if len(p.config.Filtering.KeepQueryIpFile) > 0 { + read, err := p.loadQueryIpList(p.config.Filtering.KeepQueryIpFile, false) if err != nil { p.LogError("unable to open query ip file: ", err) } @@ -170,8 +170,8 @@ func (p *FilteringProcessor) LoadQueryIpList() { } func (p *FilteringProcessor) LoadDomainsList() { - if len(p.config.Transformers.Filtering.DropFqdnFile) > 0 { - file, err := os.Open(p.config.Transformers.Filtering.DropFqdnFile) + if len(p.config.Filtering.DropFqdnFile) > 0 { + file, err := os.Open(p.config.Filtering.DropFqdnFile) if err != nil { p.LogError("unable to open fqdn file: ", err) p.dropDomains = true @@ -193,8 +193,8 @@ func (p *FilteringProcessor) LoadDomainsList() { } - if len(p.config.Transformers.Filtering.DropDomainFile) > 0 { - file, err := os.Open(p.config.Transformers.Filtering.DropDomainFile) + if len(p.config.Filtering.DropDomainFile) > 0 { + file, err := os.Open(p.config.Filtering.DropDomainFile) if err != nil { p.LogError("unable to open regex list file: ", err) p.dropDomains = true @@ -214,8 +214,8 @@ func (p *FilteringProcessor) LoadDomainsList() { } } - if len(p.config.Transformers.Filtering.KeepFqdnFile) > 0 { - file, err := os.Open(p.config.Transformers.Filtering.KeepFqdnFile) + if len(p.config.Filtering.KeepFqdnFile) > 0 { + file, err := os.Open(p.config.Filtering.KeepFqdnFile) if err != nil { p.LogError("unable to open KeepFqdnFile file: ", err) p.keepDomains = false @@ -230,8 +230,8 @@ func (p *FilteringProcessor) LoadDomainsList() { } } - if len(p.config.Transformers.Filtering.KeepDomainFile) > 0 { - file, err := os.Open(p.config.Transformers.Filtering.KeepDomainFile) + if len(p.config.Filtering.KeepDomainFile) > 0 { + file, err := os.Open(p.config.Filtering.KeepDomainFile) if err != nil { p.LogError("unable to open KeepDomainFile file: ", err) p.keepDomains = false diff --git a/transformers/filtering_test.go b/transformers/filtering_test.go index a89e3fa3..1fe70079 100644 --- a/transformers/filtering_test.go +++ b/transformers/filtering_test.go @@ -14,9 +14,9 @@ const ( func TestFilteringQR(t *testing.T) { // config - config := dnsutils.GetFakeConfig() - config.Transformers.Filtering.LogQueries = false - config.Transformers.Filtering.LogReplies = false + config := dnsutils.GetFakeConfigTransformers() + config.Filtering.LogQueries = false + config.Filtering.LogReplies = false // init subproccesor filtering := NewFilteringProcessor(config, logger.New(false), "test") @@ -35,8 +35,8 @@ func TestFilteringQR(t *testing.T) { func TestFilteringByRcodeNOERROR(t *testing.T) { // config - config := dnsutils.GetFakeConfig() - config.Transformers.Filtering.DropRcodes = []string{"NOERROR"} + config := dnsutils.GetFakeConfigTransformers() + config.Filtering.DropRcodes = []string{"NOERROR"} // init subproccesor filtering := NewFilteringProcessor(config, logger.New(false), "test") @@ -50,8 +50,8 @@ func TestFilteringByRcodeNOERROR(t *testing.T) { func TestFilteringByRcodeEmpty(t *testing.T) { // config - config := dnsutils.GetFakeConfig() - config.Transformers.Filtering.DropRcodes = []string{} + config := dnsutils.GetFakeConfigTransformers() + config.Filtering.DropRcodes = []string{} // init subproccesor filtering := NewFilteringProcessor(config, logger.New(false), "test") @@ -64,9 +64,9 @@ func TestFilteringByRcodeEmpty(t *testing.T) { func TestFilteringByQueryIp(t *testing.T) { // config - config := dnsutils.GetFakeConfig() - config.Transformers.Filtering.DropQueryIpFile = "../testsdata/filtering_queryip.txt" - config.Transformers.Filtering.KeepQueryIpFile = "../testsdata/filtering_queryip_keep.txt" + config := dnsutils.GetFakeConfigTransformers() + config.Filtering.DropQueryIpFile = "../testsdata/filtering_queryip.txt" + config.Filtering.KeepQueryIpFile = "../testsdata/filtering_queryip_keep.txt" // init subproccesor filtering := NewFilteringProcessor(config, logger.New(false), "test") @@ -101,8 +101,8 @@ func TestFilteringByQueryIp(t *testing.T) { func TestFilteringByFqdn(t *testing.T) { // config - config := dnsutils.GetFakeConfig() - config.Transformers.Filtering.DropFqdnFile = "../testsdata/filtering_fqdn.txt" + config := dnsutils.GetFakeConfigTransformers() + config.Filtering.DropFqdnFile = "../testsdata/filtering_fqdn.txt" // init subproccesor filtering := NewFilteringProcessor(config, logger.New(false), "test") @@ -121,8 +121,8 @@ func TestFilteringByFqdn(t *testing.T) { func TestFilteringByDomainRegex(t *testing.T) { // config - config := dnsutils.GetFakeConfig() - config.Transformers.Filtering.DropDomainFile = "../testsdata/filtering_fqdn_regex.txt" + config := dnsutils.GetFakeConfigTransformers() + config.Filtering.DropDomainFile = "../testsdata/filtering_fqdn_regex.txt" // init subproccesor filtering := NewFilteringProcessor(config, logger.New(false), "test") @@ -146,10 +146,10 @@ func TestFilteringByDomainRegex(t *testing.T) { func TestFilteringByKeepDomain(t *testing.T) { // config - config := dnsutils.GetFakeConfig() + config := dnsutils.GetFakeConfigTransformers() // file contains google.fr, test.github.com - config.Transformers.Filtering.KeepDomainFile = "../testsdata/filtering_keep_domains.txt" + config.Filtering.KeepDomainFile = "../testsdata/filtering_keep_domains.txt" // init subproccesor filtering := NewFilteringProcessor(config, logger.New(false), "test") @@ -178,14 +178,14 @@ func TestFilteringByKeepDomain(t *testing.T) { func TestFilteringByKeepDomainRegex(t *testing.T) { // config - config := dnsutils.GetFakeConfig() + config := dnsutils.GetFakeConfigTransformers() /* file contains: (mail|sheets).google.com$ test.github.com$ .+.google.com$ */ - config.Transformers.Filtering.KeepDomainFile = "../testsdata/filtering_keep_domains_regex.txt" + config.Filtering.KeepDomainFile = "../testsdata/filtering_keep_domains_regex.txt" // init subproccesor filtering := NewFilteringProcessor(config, logger.New(false), "test") @@ -216,8 +216,8 @@ func TestFilteringByKeepDomainRegex(t *testing.T) { func TestFilteringByDownsample(t *testing.T) { // config - config := dnsutils.GetFakeConfig() - config.Transformers.Filtering.Downsample = 2 + config := dnsutils.GetFakeConfigTransformers() + config.Filtering.Downsample = 2 // init subproccesor filtering := NewFilteringProcessor(config, logger.New(false), "test") @@ -241,7 +241,7 @@ func TestFilteringByDownsample(t *testing.T) { } // test for default behavior when downsample is set to 0 - config.Transformers.Filtering.Downsample = 0 + config.Filtering.Downsample = 0 filtering = NewFilteringProcessor(config, logger.New(false), "test") if filtering.CheckIfDrop(&dm) == true { @@ -255,9 +255,9 @@ func TestFilteringByDownsample(t *testing.T) { func TestFilteringMultipleFilters(t *testing.T) { // config - config := dnsutils.GetFakeConfig() - config.Transformers.Filtering.DropDomainFile = "../testsdata/filtering_fqdn_regex.txt" - config.Transformers.Filtering.DropQueryIpFile = "../testsdata/filtering_queryip.txt" + config := dnsutils.GetFakeConfigTransformers() + config.Filtering.DropDomainFile = "../testsdata/filtering_fqdn_regex.txt" + config.Filtering.DropQueryIpFile = "../testsdata/filtering_queryip.txt" // init subproccesor filtering := NewFilteringProcessor(config, logger.New(false), "test") diff --git a/transformers/geoip.go b/transformers/geoip.go index 5fbb247b..e742c189 100644 --- a/transformers/geoip.go +++ b/transformers/geoip.go @@ -32,7 +32,7 @@ type GeoRecord struct { } type GeoIpProcessor struct { - config *dnsutils.Config + config *dnsutils.ConfigTransformers logger *logger.Logger dbCountry *maxminddb.Reader dbCity *maxminddb.Reader @@ -40,7 +40,7 @@ type GeoIpProcessor struct { enabled bool } -func NewDnsGeoIpProcessor(config *dnsutils.Config, logger *logger.Logger) GeoIpProcessor { +func NewDnsGeoIpProcessor(config *dnsutils.ConfigTransformers, logger *logger.Logger) GeoIpProcessor { d := GeoIpProcessor{ config: config, logger: logger, @@ -58,8 +58,8 @@ func (p *GeoIpProcessor) LogError(msg string, v ...interface{}) { } func (p *GeoIpProcessor) Open() (err error) { - if len(p.config.Transformers.GeoIP.DbCountryFile) > 0 { - p.dbCountry, err = maxminddb.Open(p.config.Transformers.GeoIP.DbCountryFile) + if len(p.config.GeoIP.DbCountryFile) > 0 { + p.dbCountry, err = maxminddb.Open(p.config.GeoIP.DbCountryFile) if err != nil { p.enabled = false return @@ -68,8 +68,8 @@ func (p *GeoIpProcessor) Open() (err error) { p.LogInfo("country database loaded (%d records)", p.dbCountry.Metadata.NodeCount) } - if len(p.config.Transformers.GeoIP.DbCityFile) > 0 { - p.dbCity, err = maxminddb.Open(p.config.Transformers.GeoIP.DbCityFile) + if len(p.config.GeoIP.DbCityFile) > 0 { + p.dbCity, err = maxminddb.Open(p.config.GeoIP.DbCityFile) if err != nil { p.enabled = false return @@ -78,8 +78,8 @@ func (p *GeoIpProcessor) Open() (err error) { p.LogInfo("city database loaded (%d records)", p.dbCity.Metadata.NodeCount) } - if len(p.config.Transformers.GeoIP.DbAsnFile) > 0 { - p.dbAsn, err = maxminddb.Open(p.config.Transformers.GeoIP.DbAsnFile) + if len(p.config.GeoIP.DbAsnFile) > 0 { + p.dbAsn, err = maxminddb.Open(p.config.GeoIP.DbAsnFile) if err != nil { p.enabled = false return diff --git a/transformers/geoip_test.go b/transformers/geoip_test.go index 14d91404..3293ef29 100644 --- a/transformers/geoip_test.go +++ b/transformers/geoip_test.go @@ -9,8 +9,8 @@ import ( func TestGeoIP_LookupCountry(t *testing.T) { // enable geoip - config := dnsutils.GetFakeConfig() - config.Transformers.GeoIP.DbCountryFile = "../testsdata/GeoLite2-Country.mmdb" + config := dnsutils.GetFakeConfigTransformers() + config.GeoIP.DbCountryFile = "../testsdata/GeoLite2-Country.mmdb" // init the processor geoip := NewDnsGeoIpProcessor(config, logger.New(true)) @@ -37,8 +37,8 @@ func TestGeoIP_LookupCountry(t *testing.T) { func TestGeoIP_LookupAsn(t *testing.T) { // enable geoip - config := dnsutils.GetFakeConfig() - config.Transformers.GeoIP.DbAsnFile = "../testsdata/GeoLite2-ASN.mmdb" + config := dnsutils.GetFakeConfigTransformers() + config.GeoIP.DbAsnFile = "../testsdata/GeoLite2-ASN.mmdb" // init the processor geoip := NewDnsGeoIpProcessor(config, logger.New(false)) diff --git a/transformers/normalize.go b/transformers/normalize.go index eb24ac3e..d6792084 100644 --- a/transformers/normalize.go +++ b/transformers/normalize.go @@ -7,10 +7,10 @@ import ( ) type NormalizeProcessor struct { - config *dnsutils.Config + config *dnsutils.ConfigTransformers } -func NewNormalizeSubprocessor(config *dnsutils.Config) NormalizeProcessor { +func NewNormalizeSubprocessor(config *dnsutils.ConfigTransformers) NormalizeProcessor { s := NormalizeProcessor{ config: config, } @@ -19,7 +19,7 @@ func NewNormalizeSubprocessor(config *dnsutils.Config) NormalizeProcessor { } func (s *NormalizeProcessor) IsEnabled() bool { - return s.config.Transformers.Normalize.Enable + return s.config.Normalize.Enable } func (s *NormalizeProcessor) Lowercase(qname string) string { diff --git a/transformers/normalize_test.go b/transformers/normalize_test.go index 0951cfc7..c0a18dfe 100644 --- a/transformers/normalize_test.go +++ b/transformers/normalize_test.go @@ -8,9 +8,9 @@ import ( func TestNormalizeLowercaseQname(t *testing.T) { // enable feature - config := dnsutils.GetFakeConfig() - config.Transformers.Normalize.Enable = true - config.Transformers.Normalize.QnameLowerCase = true + config := dnsutils.GetFakeConfigTransformers() + config.Normalize.Enable = true + config.Normalize.QnameLowerCase = true // init the processor qnameNorm := NewNormalizeSubprocessor(config) diff --git a/transformers/subprocessors.go b/transformers/subprocessors.go index 115da065..5eff7f0c 100644 --- a/transformers/subprocessors.go +++ b/transformers/subprocessors.go @@ -12,7 +12,7 @@ var ( ) type Transforms struct { - config *dnsutils.Config + config *dnsutils.ConfigTransformers logger *logger.Logger name string @@ -23,7 +23,7 @@ type Transforms struct { NormalizeTransform NormalizeProcessor } -func NewTransforms(config *dnsutils.Config, logger *logger.Logger, name string) Transforms { +func NewTransforms(config *dnsutils.ConfigTransformers, logger *logger.Logger, name string) Transforms { d := Transforms{ config: config, @@ -42,33 +42,33 @@ func NewTransforms(config *dnsutils.Config, logger *logger.Logger, name string) } func (p *Transforms) Prepare() error { - if p.config.Transformers.Normalize.Enable { + if p.config.Normalize.Enable { p.LogInfo("[normalize] enabled") } - if p.config.Transformers.GeoIP.Enable { + if p.config.GeoIP.Enable { p.LogInfo("[GeoIP] enabled") if err := p.GeoipTransform.Open(); err != nil { p.LogError("geoip open error %v", err) } } - if p.config.Transformers.UserPrivacy.Enable { + if p.config.UserPrivacy.Enable { p.LogInfo("[user privacy] enabled") } - if p.config.Transformers.Filtering.Enable { + if p.config.Filtering.Enable { p.LogInfo("[filtering] enabled") } - if p.config.Transformers.Suspicious.Enable { + if p.config.Suspicious.Enable { p.LogInfo("[suspicious] enabled") } return nil } func (p *Transforms) Reset() { - if p.config.Transformers.GeoIP.Enable { + if p.config.GeoIP.Enable { p.GeoipTransform.Close() } } @@ -84,31 +84,31 @@ func (p *Transforms) LogError(msg string, v ...interface{}) { func (p *Transforms) ProcessMessage(dm *dnsutils.DnsMessage) int { // Normalize qname to lowercase - if p.config.Transformers.Normalize.Enable { - if p.config.Transformers.Normalize.QnameLowerCase { + if p.config.Normalize.Enable { + if p.config.Normalize.QnameLowerCase { dm.DNS.Qname = p.NormalizeTransform.Lowercase(dm.DNS.Qname) } } // Traffic filtering ? - if p.config.Transformers.Filtering.Enable { + if p.config.Filtering.Enable { if p.FilteringTransform.CheckIfDrop(dm) { return RETURN_DROP } } // Apply user privacy on qname and query ip - if p.config.Transformers.UserPrivacy.Enable { - if p.config.Transformers.UserPrivacy.AnonymizeIP { + if p.config.UserPrivacy.Enable { + if p.config.UserPrivacy.AnonymizeIP { dm.NetworkInfo.QueryIp = p.UserPrivacyTransform.AnonymizeIP(dm.NetworkInfo.QueryIp) } - if p.config.Transformers.UserPrivacy.MinimazeQname { + if p.config.UserPrivacy.MinimazeQname { dm.DNS.Qname = p.UserPrivacyTransform.MinimazeQname(dm.DNS.Qname) } } // Add GeoIP metadata ? - if p.config.Transformers.GeoIP.Enable { + if p.config.GeoIP.Enable { geoInfo, err := p.GeoipTransform.Lookup(dm.NetworkInfo.QueryIp) if err != nil { p.LogError("geoip lookup error %v", err) @@ -122,7 +122,7 @@ func (p *Transforms) ProcessMessage(dm *dnsutils.DnsMessage) int { } // add suspicious flags in DNS messages - if p.config.Transformers.Suspicious.Enable { + if p.config.Suspicious.Enable { p.SuspiciousTransform.CheckIfSuspicious(dm) } diff --git a/transformers/suspicious.go b/transformers/suspicious.go index 2cd7f997..412bbcf5 100644 --- a/transformers/suspicious.go +++ b/transformers/suspicious.go @@ -8,13 +8,13 @@ import ( ) type SuspiciousTransform struct { - config *dnsutils.Config + config *dnsutils.ConfigTransformers logger *logger.Logger name string CommonQtypes map[string]bool } -func NewSuspiciousSubprocessor(config *dnsutils.Config, logger *logger.Logger, name string) SuspiciousTransform { +func NewSuspiciousSubprocessor(config *dnsutils.ConfigTransformers, logger *logger.Logger, name string) SuspiciousTransform { d := SuspiciousTransform{ config: config, logger: logger, @@ -28,13 +28,13 @@ func NewSuspiciousSubprocessor(config *dnsutils.Config, logger *logger.Logger, n } func (p *SuspiciousTransform) ReadConfig() { - for _, v := range p.config.Transformers.Suspicious.CommonQtypes { + for _, v := range p.config.Suspicious.CommonQtypes { p.CommonQtypes[v] = true } } func (p *SuspiciousTransform) IsEnabled() bool { - return p.config.Transformers.Suspicious.Enable + return p.config.Suspicious.Enable } func (p *SuspiciousTransform) LogInfo(msg string, v ...interface{}) { @@ -54,13 +54,13 @@ func (p *SuspiciousTransform) CheckIfSuspicious(dm *dnsutils.DnsMessage) { } // long domain name ? - if len(dm.DNS.Qname) > p.config.Transformers.Suspicious.ThresholdQnameLen { + if len(dm.DNS.Qname) > p.config.Suspicious.ThresholdQnameLen { dm.Suspicious.Score += 1.0 dm.Suspicious.Flags.LongDomain = true } // large packet size ? - if dm.DNS.Length > p.config.Transformers.Suspicious.ThresholdPacketLen { + if dm.DNS.Length > p.config.Suspicious.ThresholdPacketLen { dm.Suspicious.Score += 1.0 dm.Suspicious.Flags.LargePacket = true } @@ -72,13 +72,13 @@ func (p *SuspiciousTransform) CheckIfSuspicious(dm *dnsutils.DnsMessage) { } // count the number of labels in qname - if strings.Count(dm.DNS.Qname, ".") > p.config.Transformers.Suspicious.ThresholdMaxLabels { + if strings.Count(dm.DNS.Qname, ".") > p.config.Suspicious.ThresholdMaxLabels { dm.Suspicious.Score += 1.0 dm.Suspicious.Flags.ExcessiveNumberLabels = true } // search for unallowed characters - for _, v := range p.config.Transformers.Suspicious.UnallowedChars { + for _, v := range p.config.Suspicious.UnallowedChars { if strings.Contains(dm.DNS.Qname, v) { dm.Suspicious.Score += 1.0 dm.Suspicious.Flags.UnallowedChars = true diff --git a/transformers/suspicious_test.go b/transformers/suspicious_test.go index 54024051..d87b359c 100644 --- a/transformers/suspicious_test.go +++ b/transformers/suspicious_test.go @@ -9,8 +9,8 @@ import ( func TestSuspiciousMalformedPacket(t *testing.T) { // config - config := dnsutils.GetFakeConfig() - config.Transformers.Suspicious.Enable = true + config := dnsutils.GetFakeConfigTransformers() + config.Suspicious.Enable = true // init subproccesor suspicious := NewSuspiciousSubprocessor(config, logger.New(false), "test") @@ -32,9 +32,9 @@ func TestSuspiciousMalformedPacket(t *testing.T) { func TestSuspiciousLongDomain(t *testing.T) { // config - config := dnsutils.GetFakeConfig() - config.Transformers.Suspicious.Enable = true - config.Transformers.Suspicious.ThresholdQnameLen = 4 + config := dnsutils.GetFakeConfigTransformers() + config.Suspicious.Enable = true + config.Suspicious.ThresholdQnameLen = 4 // init subproccesor suspicious := NewSuspiciousSubprocessor(config, logger.New(false), "test") @@ -56,9 +56,9 @@ func TestSuspiciousLongDomain(t *testing.T) { func TestSuspiciousLargePacket(t *testing.T) { // config - config := dnsutils.GetFakeConfig() - config.Transformers.Suspicious.Enable = true - config.Transformers.Suspicious.ThresholdPacketLen = 4 + config := dnsutils.GetFakeConfigTransformers() + config.Suspicious.Enable = true + config.Suspicious.ThresholdPacketLen = 4 // init subproccesor suspicious := NewSuspiciousSubprocessor(config, logger.New(false), "test") @@ -79,8 +79,8 @@ func TestSuspiciousLargePacket(t *testing.T) { func TestSuspiciousUncommonQtype(t *testing.T) { // config - config := dnsutils.GetFakeConfig() - config.Transformers.Suspicious.Enable = true + config := dnsutils.GetFakeConfigTransformers() + config.Suspicious.Enable = true // init subproccesor suspicious := NewSuspiciousSubprocessor(config, logger.New(false), "test") @@ -101,9 +101,9 @@ func TestSuspiciousUncommonQtype(t *testing.T) { func TestSuspiciousExceedMaxLabels(t *testing.T) { // config - config := dnsutils.GetFakeConfig() - config.Transformers.Suspicious.Enable = true - config.Transformers.Suspicious.ThresholdMaxLabels = 2 + config := dnsutils.GetFakeConfigTransformers() + config.Suspicious.Enable = true + config.Suspicious.ThresholdMaxLabels = 2 // init subproccesor suspicious := NewSuspiciousSubprocessor(config, logger.New(false), "test") @@ -124,8 +124,8 @@ func TestSuspiciousExceedMaxLabels(t *testing.T) { func TestSuspiciousUnallowedChars(t *testing.T) { // config - config := dnsutils.GetFakeConfig() - config.Transformers.Suspicious.Enable = true + config := dnsutils.GetFakeConfigTransformers() + config.Suspicious.Enable = true // init subproccesor suspicious := NewSuspiciousSubprocessor(config, logger.New(false), "test") diff --git a/transformers/userprivacy.go b/transformers/userprivacy.go index b09b7be6..01ff2167 100644 --- a/transformers/userprivacy.go +++ b/transformers/userprivacy.go @@ -14,12 +14,12 @@ var ( ) type UserPrivacyProcessor struct { - config *dnsutils.Config + config *dnsutils.ConfigTransformers v4Mask net.IPMask v6Mask net.IPMask } -func NewUserPrivacySubprocessor(config *dnsutils.Config) UserPrivacyProcessor { +func NewUserPrivacySubprocessor(config *dnsutils.ConfigTransformers) UserPrivacyProcessor { s := UserPrivacyProcessor{ config: config, v4Mask: defaultIPv4Mask, diff --git a/transformers/userprivacy_test.go b/transformers/userprivacy_test.go index 6fa0bd9b..54225dfa 100644 --- a/transformers/userprivacy_test.go +++ b/transformers/userprivacy_test.go @@ -8,9 +8,9 @@ import ( func TestReduceQname(t *testing.T) { // enable feature - config := dnsutils.GetFakeConfig() - config.Transformers.UserPrivacy.Enable = true - config.Transformers.UserPrivacy.MinimazeQname = true + config := dnsutils.GetFakeConfigTransformers() + config.UserPrivacy.Enable = true + config.UserPrivacy.MinimazeQname = true // init the processor userPrivacy := NewUserPrivacySubprocessor(config) @@ -36,9 +36,9 @@ func TestReduceQname(t *testing.T) { func TestAnonymizeIPv4(t *testing.T) { // enable feature - config := dnsutils.GetFakeConfig() - config.Transformers.UserPrivacy.Enable = true - config.Transformers.UserPrivacy.AnonymizeIP = true + config := dnsutils.GetFakeConfigTransformers() + config.UserPrivacy.Enable = true + config.UserPrivacy.AnonymizeIP = true // init the processor userPrivacy := NewUserPrivacySubprocessor(config) @@ -53,9 +53,9 @@ func TestAnonymizeIPv4(t *testing.T) { func TestAnonymizeIPv6(t *testing.T) { // enable feature - config := dnsutils.GetFakeConfig() - config.Transformers.UserPrivacy.Enable = true - config.Transformers.UserPrivacy.AnonymizeIP = true + config := dnsutils.GetFakeConfigTransformers() + config.UserPrivacy.Enable = true + config.UserPrivacy.AnonymizeIP = true // init the processor userPrivacy := NewUserPrivacySubprocessor(config)